/**
 * 
 */
package edu.gtcfla.km.platform.appmodules.web;

import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import net.sf.json.JsonConfig;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.mgt.WebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.servlet.ModelAndView;
import org.vsg.common.web.json.processor.JsDateViewJsonValueProcessor;
import org.vsg.security.annotation.RegisterRequestPermissionStrategy;
import org.vsg.security.json.PermissionVO;

import com.fasterxml.jackson.databind.ObjectMapper;

import edu.gtcfla.km.core.ApplicationConstant;
import edu.gtcfla.km.platform.service.MenuService;
import edu.gtcfla.km.platform.service.impl.MenuShiroPermissionRuleManager;
import edu.gtcfla.km.platform.vo.MenuPermissionVO;
import edu.gtcfla.km.platform.vo.MenuVO;

/**
 * @author Bill Vison
 * 
 */
@Controller
@Lazy
@RequestMapping(edu.gtcfla.km.core.ApplicationConstant.DATA_RERESOURCE)
public class ResourceSecurityController {

	private final static Logger logger = LoggerFactory.getLogger(ResourceSecurityController.class);

	@Autowired
	private WebApplicationContext ctx;
	
	@Autowired(required =false)
	private MenuService menuService;

	@Autowired(required = false)
	public WebSecurityManager securityManager;
	
	@Autowired(required = false)
	private MenuShiroPermissionRuleManager menuShiroPermissionRuleManager;
	
	
	private ObjectMapper mapper = new ObjectMapper(); 	

	@RequiresAuthentication
	@RegisterRequestPermissionStrategy(
		value = "usersecurity-data.json"
	)	
	@RequestMapping(value = "/apps_crm/usersecurity/webcomp.json" , method = RequestMethod.GET)
	public ModelAndView showUserPermissionedAssignment(String callback ,
			String url , HttpServletRequest req) throws Exception {
		
		// --- get local servlet path ---
		String contextPath = req.getContextPath();

		Map userSecinfo = new HashMap();   
		userSecinfo.put("comp.security.menu", new PermissionVO("enable"));
		userSecinfo.put("comp.security.menu1", new PermissionVO("enable"));
		
		JSONObject jsonObject = JSONObject.fromObject( userSecinfo );   

		
		ModelAndView mav = new ModelAndView();
		mav.addObject("json", jsonObject);
		mav.setViewName("jsonobj"); // view name
		
		return mav; 
	}
	
	@RegisterRequestPermissionStrategy(
		value = "menu.json",
		skipCheck = true
	)
	@RequestMapping(value = "/menus.json")
	public ModelAndView accessOfAllMenus() throws Exception {

		String contextpath = ctx.getServletContext().getContextPath();		
		
		// --- get local servlet path ---
		Set<MenuVO> allMenus = menuService.buildMenuForPlatform(contextpath);

		
		byte[] content = mapper.writeValueAsBytes( allMenus );	
		
		String contentOutput = new String(content, "utf-8");
		
		if ( logger.isDebugEnabled() ) {
			logger.debug("Current User Menu : " + contentOutput);
		}
		
		ModelAndView mav = new ModelAndView();
		mav.addObject("json", contentOutput);
		mav.setViewName("jsonobj"); // view name
		return mav; 
	}	
	
	@RegisterRequestPermissionStrategy(
		value = ApplicationConstant.DATA_RERESOURCE + "/menus_auth.json",
		skipCheck = true
	)
	@RequestMapping(value = "/menus_auth.json" , method = {RequestMethod.GET , RequestMethod.POST})
	public ModelAndView accessOfAuthMenusOfSubject(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		
		// --- ioc security manager
		Subject currentSub = SecurityUtils.getSubject();

		Set<MenuPermissionVO>  menuPermission =  menuShiroPermissionRuleManager.process( currentSub );
		
		byte[] content = mapper.writeValueAsBytes( menuPermission );
		
		String contentOutput = new String(content);
		
		if ( logger.isDebugEnabled() ) {
			logger.debug("Current Auth User Menu : " +  contentOutput );
		}
		
		
		ModelAndView mav = new ModelAndView();
		mav.addObject("json", contentOutput);
		mav.setViewName("jsonobj"); // view name
		return mav; 
	}	

}
